libmatio - Debian Package Tracker

general

source: libmatio (main)
version: 1.5.23-1
maintainer: Debian Science Team (archive) (DMD)
uploaders: Sébastien Villemot [DMD]
arch: all any
std-ver: 4.6.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.5.9-1
oldstable: 1.5.13-3
stable: 1.5.19-2
testing: 1.5.23-1
unstable: 1.5.23-1

versioned links

1.5.9-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.13-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.19-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.23-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libmatio-dev
libmatio-doc
libmatio11
matio-tools

action needed

21 security issues in stretch high

There are 21 open security issues in stretch.

1 important issue:

CVE-2022-1515: A memory leak was discovered in matio 1.5.21 and earlier in Mat_VarReadNextInfo5() in mat5.c via a crafted file. This issue can potentially result in DoS.

20 issues postponed or untriaged:

CVE-2019-9026: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow in the function InflateVarName() in inflate.c when called from ReadNextCell in mat5.c.
CVE-2019-9027: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow problem in the function ReadNextCell() in mat5.c.
CVE-2019-9028: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function InflateDimensions() in inflate.c when called from ReadNextCell in mat5.c.
CVE-2019-9029: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds read with a SEGV in the function Mat_VarReadNextInfo5() in mat5.c.
CVE-2019-9030: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in mat5.c.
CVE-2019-9031: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a NULL pointer dereference in the function Mat_VarFree() in mat.c.
CVE-2019-9032: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds write problem causing a SEGV in the function Mat_VarFree() in mat.c.
CVE-2019-9033: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read for the "Rank and Dimension" feature in the function ReadNextCell() in mat5.c.
CVE-2019-9034: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read for a memcpy in the function ReadNextCell() in mat5.c.
CVE-2019-9035: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function ReadNextStructField() in mat5.c.
CVE-2019-9036: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow in the function ReadNextFunctionHandle() in mat5.c.
CVE-2019-9037: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a buffer over-read in the function Mat_VarPrint() in mat.c.
CVE-2019-9038: (needs triaging) An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds read problem with a SEGV in the function ReadNextCell() in mat5.c.
CVE-2019-13107: (needs triaging) Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.c, mat5.c, mat73.c, and matvar_struct.c
CVE-2019-17533: (needs triaging) Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed.
CVE-2019-20017: (needs triaging) A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17.
CVE-2019-20018: (needs triaging) A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17.
CVE-2019-20019: (needs triaging) An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17.
CVE-2019-20020: (needs triaging) A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17.
CVE-2020-19497: (needs triaging) Integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tbeu matio (aka MAT File I/O Library) 1.5.17, allows attackers to cause a Denial of Service or possibly other unspecified impacts.

Created: 2022-04-29 Last update: 2022-05-04 05:39

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-20019: An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17.

Created: 2021-02-19 Last update: 2022-05-04 05:39

8 security issues in buster high

There are 8 open security issues in buster.

1 important issue:

CVE-2022-1515: A memory leak was discovered in matio 1.5.21 and earlier in Mat_VarReadNextInfo5() in mat5.c via a crafted file. This issue can potentially result in DoS.

7 issues left for the package maintainer to handle:

CVE-2019-13107: (needs triaging) Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.c, mat5.c, mat73.c, and matvar_struct.c
CVE-2019-17533: (needs triaging) Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed.
CVE-2019-20017: (needs triaging) A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17.
CVE-2019-20018: (needs triaging) A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17.
CVE-2019-20019: (needs triaging) An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17.
CVE-2019-20020: (needs triaging) A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17.
CVE-2020-19497: (needs triaging) Integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tbeu matio (aka MAT File I/O Library) 1.5.17, allows attackers to cause a Denial of Service or possibly other unspecified impacts.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2022-05-04 05:39

3 security issues in bullseye high

There are 3 open security issues in bullseye.

1 important issue:

CVE-2022-1515: A memory leak was discovered in matio 1.5.21 and earlier in Mat_VarReadNextInfo5() in mat5.c via a crafted file. This issue can potentially result in DoS.

2 issues left for the package maintainer to handle:

CVE-2019-20019: (needs triaging) An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17.
CVE-2020-36428: (needs triaging) matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4).

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-08-14 Last update: 2022-05-04 05:39

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2019-20019: An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17.

Created: 2021-08-15 Last update: 2022-05-04 05:39

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2022-05-09 Last update: 2022-05-17 09:40

lintian reports 3 warnings normal

Lintian reports 3 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-09-06 Last update: 2021-09-06 18:33

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0).

Created: 2022-05-11 Last update: 2022-05-11 23:24

testing migrations

This package will soon be part of the auto-hdf5 transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2022-04-16] libmatio 1.5.23-1 MIGRATED to testing (Debian testing watch)
[2022-04-16] libmatio 1.5.23-1 MIGRATED to testing (Debian testing watch)
[2022-04-11] Accepted libmatio 1.5.23-1 (source) into unstable (Sébastien Villemot)
[2022-04-03] libmatio 1.5.22-1 MIGRATED to testing (Debian testing watch)
[2022-03-29] Accepted libmatio 1.5.22-1 (source) into unstable (Sébastien Villemot)
[2021-08-28] libmatio 1.5.21-1 MIGRATED to testing (Debian testing watch)
[2021-08-22] Accepted libmatio 1.5.21-1 (source) into unstable (Sébastien Villemot)
[2020-11-25] libmatio 1.5.19-2 MIGRATED to testing (Debian testing watch)
[2020-11-25] libmatio 1.5.19-2 MIGRATED to testing (Debian testing watch)
[2020-11-19] Accepted libmatio 1.5.19-2 (source) into unstable (Sébastien Villemot)
[2020-11-14] Accepted libmatio 1.5.19-1 (source) into experimental (Sébastien Villemot)
[2020-09-25] Accepted libmatio 1.5.18-1 (source amd64 all) into experimental, experimental (Debian FTP Masters) (signed by: Sébastien Villemot)
[2020-07-19] libmatio 1.5.17-5 MIGRATED to testing (Debian testing watch)
[2020-07-13] Accepted libmatio 1.5.17-5 (source) into unstable (Sébastien Villemot)
[2020-06-30] Accepted libmatio 1.5.2-3+deb8u1 (source all amd64) into oldoldstable (Adrian Bunk)
[2020-06-23] Accepted libmatio 1.5.17-4 (source amd64 all) into unstable, unstable (Debian FTP Masters) (signed by: Sébastien Villemot)
[2019-09-29] libmatio 1.5.17-3 MIGRATED to testing (Debian testing watch)
[2019-09-24] Accepted libmatio 1.5.17-3 (source) into unstable (Sébastien Villemot)
[2019-08-20] Accepted libmatio 1.5.17-2 (source) into experimental (Sébastien Villemot)
[2019-07-21] Accepted libmatio 1.5.17-1 (source) into experimental (Sébastien Villemot)
[2019-07-19] Accepted libmatio 1.5.16-1 (source amd64 all) into experimental, experimental (Sébastien Villemot)
[2019-04-01] libmatio 1.5.13-3 MIGRATED to testing (Debian testing watch)
[2019-03-23] Accepted libmatio 1.5.13-3 (source) into unstable (Sébastien Villemot)
[2019-03-22] Accepted libmatio 1.5.13-2 (source) into unstable (Sébastien Villemot)
[2018-11-01] libmatio 1.5.13-1 MIGRATED to testing (Debian testing watch)
[2018-10-27] Accepted libmatio 1.5.13-1 (source) into unstable (Sébastien Villemot)
[2018-03-19] libmatio 1.5.12-2 MIGRATED to testing (Debian testing watch)
[2018-03-14] Accepted libmatio 1.5.12-2 (source) into unstable (Sébastien Villemot)
[2018-03-13] Accepted libmatio 1.5.12-1 (source) into unstable (Sébastien Villemot)
[2017-10-31] libmatio 1.5.11-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 3)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.5.23-1
3 bugs